Ransomware in the first half of 2022 Compared to 2021, the amount of publicly reported ransomware attacks has increased across most months according to BlackFog’s 2022 state of ransomware report. These numbers are significantly higher than in 2020 and could be a result of the specific sectors being attacked. Certain industries, like education and government, don’t have the luxury to pause operations, and are sometimes have no choice but to pay ransoms if they don’t have proper data backups. In addition, industries like technology and healthcare are seeing a rise in ransomware attacks, likely due to the sensitive nature of
War Stories and Other Helpful Information
Who is LockBit? LockBit is a multimillion-dollar ransomware group that offers ransomware as a service. It treats ransomware as a business and even has affiliate marketing, bug bounty, and HR programs. Using its revenue, it hires individuals to write its ransomware software. LockBit is one of the most active ransomware groups. At LockBit, “employees” do not execute the initial exploit themselves; instead, they place ads on the dark web to offer initial access. In these ads, LockBit states it will provide everything you need to deploy ransomware, and then splits the ransom profits with the threat actor. LockBit 3.0 This
Reports show that globally, in 2021, the number of ransomware attacks increased significantly. Not only did the level of frequency grow, but so did their level of sophistication. Ransomware as an industry is escalating and it’s important to know what to look for to better protect sensitive data. Here are several trends to be aware of and steps to help mitigate the risk of attack: Cybercriminal Services for Hire The ransomware market has become more sophisticated and professional in recent years, making attacks harder to distinguish. It has also become more collaborative, with cybercriminals utilizing ransomware-as-a-service (RaaS), engaging with third-party
How Much Money Does Your Incident Response Team Make on Ransom Payments? A common trend in the cybersecurity space is incident response teams making a profit on a percentage of the ransom payments paid out to threat actors when a ransomware attack occurs. Since this profit is often far more than the fees the incident response team would pay a crypto currency broker, the incident response team is making money from a situation it should be trying to avoid at all costs. To truly understand the conflict of interest for an incident response team paying the ransom, let’s look at
According to a survey of managed service providers for SMEs, only 30 percent felt that ransomware was a critical threat, perhaps indicating an attitude that it only affects larger corporations. This couldn’t be further from the truth. In fact, a single ransomware “gang” took on 63 companies in 2021 so far, including schools, local government agencies and healthcare services. Smaller businesses may, in fact, be more at risk because of several factors. Lack of Cybersecurity Training Any company that connects to the internet and holds data of any kind is at risk from threat actors. This means every organization is at
On July 2nd, 2021, Kaseya, an IT solutions developer for MSPs and enterprise clients, announced that it had become victim to a cyberattack. Kaseya immediately encouraged its customers to shut down VSA (Virtual System/Server Administrator) servers in order to prevent further access to attackers.
Walking in to a ransomware splash screen on your organizations’ computers can be terrifying; and trust us, ransomware was designed to terrify. Often times untraceable bitcoin payments are involved (and sometimes even extortion demands) in order to gain access to your computer, encrypted files, or network. Ransomware is currently considered by many reports as one of the top cybersecurity threats, and for good reason. Not only is data theft a profitable industry, costing companies on average $761,106 per payout, but attackers have taken things a step further by publicly disclosing sensitive data on leak sites. If you discover ransomware in your system, the most important thing to do first is not to panic.